Provisioning users from outside Jetspeed 2, security services

[Paul ANDERSON <pa...@wataniya-algerie.com>]

Can I create/remove users directly in the RDBMS/LDAP backend for
Jetspeed 2, or does it assume that changes will go through the admin
portlets and engine?

 

Can user profile fields be changed outside, or are they cached either as
fields or markup in the admin portlets?

 

Can I store authentication info, role info, ACL info, preferences and
working data all in different backends depending on the security
services implementation, or is there some reason why they have to be in
the same store?

 

Has anyone successfully tried a setup where Jetspeed just provides
services for existing users who are administered somewhere else?

 

Thanks,

 

Paul.

 

Re: Provisioning users from outside Jetspeed 2, security services

[Randy Watler <wa...@wispertel.net>]

Paul,

All of this is more or less possible with J2. Please scan the archives 
of this and the dev mail list... you will find plenty of discussions 
there... some very recent.

Randy

Paul ANDERSON wrote:

>Can I create/remove users directly in the RDBMS/LDAP backend for
>Jetspeed 2, or does it assume that changes will go through the admin
>portlets and engine?
>
> 
>
>Can user profile fields be changed outside, or are they cached either as
>fields or markup in the admin portlets?
>
> 
>
>Can I store authentication info, role info, ACL info, preferences and
>working data all in different backends depending on the security
>services implementation, or is there some reason why they have to be in
>the same store?
>
> 
>
>Has anyone successfully tried a setup where Jetspeed just provides
>services for existing users who are administered somewhere else?
>
> 
>
>Thanks,
>
> 
>
>Paul.
>
> 
>
>
>  
>


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org

Re: AW: Provisioning users from outside Jetspeed 2, security services

[Randy Watler <wa...@wispertel.net>]

Florian,

Please review the archives for this and the dev list.

There are two techniques:

- implement UserManager and/or other security SPI components for J2, or
- implement a custom SecurityValve.

You will find both techniques discussed in the archives.

Randy

Florian Theurich wrote:

>Hi,
>
>I suppose I have a similar issued to solve like Paul...
>
>Using Jetspeed2 our users log in the windows domain and are automatically
>authenticated against our portal as they are users in the corporate Active
>Directory. An Active Directory group further tells us which business unit he
>works for and which role he obtains (editor, editor in charge, contact admin
>etc.)...
>
>But where can we tell Jetspeed to actually grab or 'inject' the role (as
>Jetspeed seems to dot it when your users and their roles are stored in the
>DB) so that Jetspeed can use it for applying profiling rules and eventually
>come up with the pages that are to display for a particular user? So in a
>nutshell how can we tell J2 to make use of the role and group that we
>receive from the Active Directory...?
>
>I hope I made myself clear...
>Any suggestions are highly appreciated
>Cheers
>
>Florian
>
>
>
>-----Ursprüngliche Nachricht-----
>Von: Paul ANDERSON [mailto:paul.anderson@wataniya-algerie.com] 
>Gesendet: Dienstag, 28. Juni 2005 18:44
>An: Jetspeed Users List
>Betreff: Provisioning users from outside Jetspeed 2, security services
>
>Can I create/remove users directly in the RDBMS/LDAP backend for
>Jetspeed 2, or does it assume that changes will go through the admin
>portlets and engine?
>
> 
>
>Can user profile fields be changed outside, or are they cached either as
>fields or markup in the admin portlets?
>
> 
>
>Can I store authentication info, role info, ACL info, preferences and
>working data all in different backends depending on the security
>services implementation, or is there some reason why they have to be in
>the same store?
>
> 
>
>Has anyone successfully tried a setup where Jetspeed just provides
>services for existing users who are administered somewhere else?
>
> 
>
>Thanks,
>
> 
>
>Paul.
>
> 
>
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
>For additional commands, e-mail: jetspeed-user-help@portals.apache.org
>
>
>
>  
>



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org

AW: Provisioning users from outside Jetspeed 2, security services

[Florian Theurich <fl...@x-cell.com>]

Hi,

I suppose I have a similar issued to solve like Paul...

Using Jetspeed2 our users log in the windows domain and are automatically
authenticated against our portal as they are users in the corporate Active
Directory. An Active Directory group further tells us which business unit he
works for and which role he obtains (editor, editor in charge, contact admin
etc.)...

But where can we tell Jetspeed to actually grab or 'inject' the role (as
Jetspeed seems to dot it when your users and their roles are stored in the
DB) so that Jetspeed can use it for applying profiling rules and eventually
come up with the pages that are to display for a particular user? So in a
nutshell how can we tell J2 to make use of the role and group that we
receive from the Active Directory...?

I hope I made myself clear...
Any suggestions are highly appreciated
Cheers

Florian



-----Ursprüngliche Nachricht-----
Von: Paul ANDERSON [mailto:paul.anderson@wataniya-algerie.com] 
Gesendet: Dienstag, 28. Juni 2005 18:44
An: Jetspeed Users List
Betreff: Provisioning users from outside Jetspeed 2, security services

Can I create/remove users directly in the RDBMS/LDAP backend for
Jetspeed 2, or does it assume that changes will go through the admin
portlets and engine?

 

Can user profile fields be changed outside, or are they cached either as
fields or markup in the admin portlets?

 

Can I store authentication info, role info, ACL info, preferences and
working data all in different backends depending on the security
services implementation, or is there some reason why they have to be in
the same store?

 

Has anyone successfully tried a setup where Jetspeed just provides
services for existing users who are administered somewhere else?

 

Thanks,

 

Paul.

 




---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org